<?php
/***************************************************************************
 *
 *   copyright            : (C) 2011 Winds of Storm
 *
 *   $Id: login_code.php 131 2011-06-12 20:24:56Z stormerider $
 *
 ***************************************************************************/

/***************************************************************************
 *
 *   This program is free software; you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation; either version 2 of the License, or
 *   (at your option) any later version.
 *
 ***************************************************************************/

function auth_login($room) {
	global	$db;
	global	$config;

	if ($_REQUEST['op'] && ($_REQUEST['username'] == '' || $_REQUEST['password'] == '')) {
		show_login("Please enter both username and password.");
		exit;
	}

	//
	// Check rooms first to pull the mod_group...
	//
	if (($room['room_password'] != '') && $_REQUEST['roompw'] == '') {
		show_login("Room requires a password.");
		exit;
	}

	if (($room['room_password'] != '') && $_REQUEST['roompw'] != $room['room_password']) {
		show_login("Password required for room was incorrect.");
		exit;
	}

	if (checkRoomLimit($room) == 1) {
		show_login("This room has reached the maximum limit of chatters.");
		exit;
	}

	$row	= checkAuth($_REQUEST['username'], $_REQUEST['password'], $room['mod_group'], 0);
	if (!is_array($row)) {
		show_login($row);
		addToLog("Login failed from " . $_SERVER['REMOTE_ADDR'] . " (" . $_SERVER['HTTP_USER_AGENT'] . ") -- user " . $_REQUEST['username'] . " -- pass " . $_REQUEST['password']);
		exit;
	}

	if (checkBoardBan($_SERVER['REMOTE_ADDR'], $row['user_id'])) {
		show_login("Error logging in: user account or IP address are banned.");
		addToLog("Login failed from " . $_SERVER['REMOTE_ADDR'] . " (" . $_SERVER['HTTP_USER_AGENT'] . ") -- user " . $_REQUEST['username'] . " -- banned: " . $banrow['ban_id']);
		exit;
	}

	addToLog("authLogin: calling checkBan(" . $row['user_id'] . ")");
	if (checkBan($row['user_id'])) {
		show_login("Error logging in: user account or IP address are banned.");
		addToLog("authLogin: checkBan found banned userid/ip -- ". $_SERVER['REMOTE_ADDR'] . " (" . $_SERVER['HTTP_USER_AGENT'] . ") -- user " . $_REQUEST['username'] . " -- banned: " . $row['user_id']);
		exit;
	}

	if ($room['room_creator'] == $row['user_id']) {
		$row['moderator']	= 1;
	}
	return($row);
}

